Home > Tutorials > PHP Tutorials

How does Nginx implement cross-domain access? Implementation of Nginx cross-domain access

Source: Internet
Author: User
Tags browser cache
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >
This article introduces you to how Nginx can achieve cross-domain access? Nginx cross-domain access to the implementation, there is a certain reference value, the need for friends can refer to, I hope to help you.

One, what is cross-domain

Cross-domain refers to a resource that requests another domain name from a Web page of a domain name. For example, from the Www.a.com page to request www.b.com resources.

Browsers generally prohibit cross-domain access by default. Because it is unsafe, CSRF (cross-site request forgery) attacks are prone to occur.

Second, Nginx Control browser allows cross-domain access

Nginx by adding Access-control-allow-origin, Access-control-allow-methods, access-control-allow-headers such as HTTP header information to control the browser cache.

"Access-control-allow-origin" setting allows Web sites to initiate cross-domain requests
The "access-control-allow-methods" setting allows HTTP methods to initiate cross-domain request requests
"Access-control-allow-headers" setting allows cross-domain requests to include Content-type headers

Ngx_http_headers_module

Grammar

Syntax:    add_header Name value [always];D efault:    -context:    http, server, location, if in location

Application examples

1. Vim conf.d/cross_site.conf

# Configure Web site www.a.comserver {    server_name www.a.com;    root/vagrant/a;        # Allow http://www.b.com to initiate cross-domain requests Add_header access-control-allow-origin http://www.b.com using Get,post,delete http method    ;    Add_header Access-control-allow-method Get,post,delete;} # Configure Web site www.b.comserver {    server_name www.b.com;    root/vagrant/b;} # Configure Web site www.c.comserver {    server_name www.c.com;    ROOT/VAGRANT/C;}

2. Nginx-s Reload re-loading the Nginx configuration file

3. Create /vagrant/a/a.txt , /vagrant/b/index.html /vagrant/c/index.html file

    • Vim/vagrant/a/a.txt

Hello,i ' m A!

    • /vagrant/b/index.html

<! DOCTYPE html>


 
    
 
  
       
   
    • /vagrant/c/index.html
      •  
  
    

 


<! DOCTYPE html>


4. Configure the client's Hosts file (with the real domain name can be ignored)


Windows:C:\Windows\System32\drivers\etc\hosts
Linux:/etc/hosts


Add the following, and save (192.168.33.88 as the author of the virtual machine's IP, the need to replace their own IP):


192.168.33.88 www.a.com192.168.33.88 www.b.com192.168.33.88 www.c.com


5. The browser accesses http://www.b.com/index.html andhttp://www.c.com/index.html


  
    
 
   
       
    
    • Http://www.b.com/index.html
      •  
   
    

  


Ajax cross-site access B-hello,i ' m A!


  
    
 
   
       
    
    • Http://www.c.com/index.html
      •  
   
    

  


Ajax Cross-site access C-Request failed!


Open the browser's developer mode console, you can also find http://www.c.com/index.html page error:


Failed to load http://www.a.com/a.txt:The ' Access-control-allow-origin ' header had a value ' http://www.b.com ' that's not Equal to the supplied origin. Origin ' http://www.c.com ' is therefore not allowed access.

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
nginx access denied nginx access log off how to access domain domain access how to access domain email nginx nginx cross domain cookies php

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More